Schedule 2022
8:00 - Registration Opens / Visit Sponsors / Light Breakfast
9:00 to 9:40
Anderson Student Center (ASC) A
Discussion provides an overview of how the US Government pivoted from legacy development to embracing modern approaches, innovative methodologies, Human-Centered Design, Agile, DevSecOps and Open Source to disrupt decades of bureaucracy. History of United States Digital Services, 18F, Air Force Software Factories (Kessel Run), and United States Citizenship and Immigration Services (USCIS) as examples of this evolution and its promising future.
Anderson Student Center (ASC) B
Talk level: intermediate
Decomposing existing monolithic applications into microservices or other migration / hybrid application transitions requires a balancing act between moving efficiently and keeping existing services online. Strangler Fig is the most common pattern used for migrations of these types. See how to successfully implement Strangler Fig in an example monolithic to microservices application rewrite.
Anderson Student Center (ASC) C
Application network security is of utmost importance for many companies around the globe. With cyber perils on the rise we’ll talk about what it means to improve security for data in flight with a zero trust networking architecture. Using technologies such as Envoy, Istio and eBPF we will dive into methods to help secure, observe and proactively prevent the potential compromise of data in flight.
Anderson Student Center (ASC) Scooters
One of the features added in C# 9 is called "source generators", enabling a developer to create new code at compile time. This can be used for a myriad of cases, such as optimization, automating repetitive code, and dynamic API creation. In this session, I'll cover how source generators work and demonstrate a number of implementations.
Iverson Center for Faith (ICF) A
In this presentation, you will learn the fundamental skills to take the next step in developing high-quality data engineering software through automated testing. These concepts apply broadly to data engineering, and isn't just for PySpark developers. Many data engineers don't have the time, knowledge, or patience to build automated tests for their Spark pipelines. This talk will start with organizing your code, then walk through the test-driven development process and apply it to data engineering tasks like building verifiably high-quality DataFrame transformations. If there's time, the talk will then demonstrate how to translate the TDDE concepts to building AWS Glue pipelines with PySpark.
Iverson Center for Faith (ICF) B
Infrastructure as Code comes in many flavors, and the Azure Cloud's default deployment templates work with Azure Resource Manager (ARM) to define and deploy infrastructure. Working with the JSON format of ARM can be challenging, but Microsoft has introduced a language processor called Bicep which generates ARM as output. At the same time there are other options, including scripting tools, Terraform, Pulumi, Ansible and others. In this session we'll compare creating infrastructure using ARM, Terraform and Bicep, and compare pros and cons to each.
Iverson Center for Faith (ICF) C
What would your team do if they knew with absolute certainty there was something more productive to be working on? The giants of software are outpacing the competition with the leadership and decision-making skills of their whole teams. Almost everyone else is getting in the way of their own all-stars and hoping agile will save them. How do you win when problems are complex and all the easy jobs are taken? Let your teams lead themselves.
10:00 to 10:40
Anderson Student Center (ASC) A
Almost every organization has initiatives that promote Women in Technology, and DEI broadly. Over the course of her career, Meena has had the pleasure of both participating in and leading these initiatives. She also has decades of lived experience as a woman trying to succeed in technology, who has benefited from the advocacy and counsel of allies along the way. In this talk, she reflects on her personal observations about allyship and some effective tips for those seeking to advance women in technology.
Anderson Student Center (ASC) B
Avoid CICD vendor lock-in by leveraging multi-stage Docker builds and GitOps with ArgoCD, Azure Arc (Flux) and GCP Anthos. We will compare Cloud SaaS and OSS options for GitOps CD, demonstrate multi-cloud deployments and moving CI logic from CI systems into container builds.
Anderson Student Center (ASC) C
We will show how businesses are adopting verifiable credentials, decentralized orchestration and blockchain identity to reduce fraud, increase privacy and improve user experience. Our real-world examples of production ready solutions are already being used by one state’s Department of Education as well as other public sector organizations. Learn how biometrics, proofing, KYC and other MFA services link with verifiable credentials through decentralized orchestration. See how paper-based documents are being replaced with verifiable credentials that reduce cost, increase security and privacy preservation. We will also demonstrate how Ping Identity and other sources can issue and verify blockchain based verifiable credentials.
Anderson Student Center (ASC) Scooters
We’ve all heard them. Things like “It’s just a form” and “It shouldn’t take that long to add a few buttons”. Sometimes we hear them from our peers and stakeholders, and other times we hear them from ourselves. Why are these assumptions so common and what makes Front-End so unassuming? We’ll explore a few common scenarios and identify what makes Front-End applications complex, how to spot these complexities, and why bad assumptions are all too common.
Iverson Center for Faith (ICF) A
Your program might be easy for **you** to use, but can someone else use it just as easily? If we want people to use open source software, it has to be easy to learn and easy to use, or people will not use it. In this session, we'll learn about *usability testing* - what it is, why it's important, and how to do it. You don't need a "usability lab" to do usability testing - you don't even need to be in the same room. You can learn a lot just by watching five people use the software to do a set of tasks. We'll walk through all the steps to do your own usability test and how to understand the results so you can make your software even better.
Iverson Center for Faith (ICF) B
Users don’t see your distributed services, cloud architecture, or instrumentation—they only see how the web app is working. Understanding their experience in the client-side is the first step towards understanding the rest of the system. We’ll explore how to make your client-side applications more observable through error tracking, web performance, and usage analytics. With better understanding of real-user experience, you’ll better understand the real behavior of your systems.
Iverson Center for Faith (ICF) C
Last December, many of us were forced to contend with the Log4Shell vulnerability and rushed to get our systems patched to protect against this zero-day exploit. While this particular vulnerability may be patched satisfactorily by now, our current technology landscape means these incidents will continue to happen over and over again. We may not be able to predict exactly when they'll occur but we can take steps to be more prepared to handle them when they do show up. Join us for an open discussion about how Log4Shell-type events impact technology teams logistically and strategically. Our panel will feature consultants with experience in development, project delivery, product strategy and architecture. We've seen these events play out in companies across the state and want to share what we've learned.
We'll cover questions like
- How can developers move quickly without moving recklessly?
- How should the response differ based on the company's size and product?
- How can product/project delivery teams protect customers and support developers?
- How do solution architects handle the feeling that you should re-evaluate everything?
- Is it a good thing for your CEO to know the name of your low-level logging framework?
Stop by to listen in or bring your own questions for us to discuss
11:00 to 11:40
Anderson Student Center (ASC) A
Xcel Energy provides service to millions of customers across the Midwest and Western United States. Xcel is also one of the leaders in clean energy production with a goal of being 100% carbon free by 2050. Historically, Xcel Energy has not been known as a leader in IT innovation...that is changing and it's changing FAST! Please join Andy and Mike Pereira as they talk about the adventure of building digital capabilities within the utility landscape.
Anderson Student Center (ASC) B
Real-Time processing is becoming a requirement in all analytic verticals as businesses need to react to results immediately. However, sometimes the move from batch to real-time can leave you in a pinch. How do you reprocess/correct mistakes in your data? How do you migrate a new system to real-time that has historical data to bring along with them? Migrating from batch to real-time in Apache Druid doesn't mean you forget about batch.
We'll start with how to run Apache Druid locally with your containerized based development environment. We will load data from files and as well as from real-time streaming with Apache Kafka.
Take Aways:
* How to run Apache Druid and Apache Kafka locally
* Druid Ingestion in batch and real-time
* Query the data using Druid SQL Console and Apache Superset
* Configure Apache Druid Real-Time Ingestion to make it safe to reload historical segments
Anderson Student Center (ASC) C
The trials and tribulations of taking an open source project, Wine, from a very cool concept with practical application to a worldwide phenomenon, Proton, in 26 short years. The presentation focuses on the many milestones achieved in building Wine to the point where it will be the software foundation for the pending gaming platform, Steam Deck (from Valve), in 2022. In doing so, the presentation discusses how projects can successfully collaborate with commercial enterprise to form and deliver better solutions.
Anderson Student Center (ASC) Scooters
Much like a new puppy, the challenges of micro frontend architecture aren’t always obvious until you’ve adopted it. Your dreams of aligning frontend code ownership with team structure have been realized, and it fills your heart with joy. However, UI components have become more difficult to share between teams, presenting a challenge when you want the same widget to appear throughout the product.
In this talk, we’ll introduce you to Module Federation, a promising new feature of Webpack 5 that can make sharing UI components much easier. We’ll cover the benefits, limitations and gotchas of implementing this solution in an enterprise setting, helping you determine where and how Module Federation can be useful in your organization.
Iverson Center for Faith (ICF) A
For the most flexible, powerful stream processing engines, it seems like the barrier to entry has never been higher than it is now. If you’ve tried, or have been interested in leveraging the strengths of real-time data processing - maybe for machine learning, IoT, anomaly detection or data analysis - but you’ve been held back: I’ve been there, and it’s frustrating. And that’s why this talk is for you.
That being said, this talk is also for you if you ARE experienced with stream processing but you want an easy (and if I say so myself, pretty fun) way to add some of the newest, bleeding edge features to your toolbelt.
This session will be about getting started with Flink SQL. Apache Flink’s high level SQL language has the familiarity of the SQL you know and love (or at least, know…), but with some powerful new functionality, and of course, the benefit of being able to be used with Flink and PyFlink.
More specifically, this will be a pragmatic entry into creating data pipelines with Flink SQL, as well as a sneak peek into some of its newest and most interesting features.
Iverson Center for Faith (ICF) B
You have probably heard of SVGs but haven't taken the dive and hand-coded them. Let's unlock inline SVG's power and change that. A codepen account is encouraged if you'd like to code-along.
Iverson Center for Faith (ICF) C
Every year, HR managers say that Open Source talent is important to them, but also say they have trouble finding qualified help. Public education is doing next to nothing to meet this need. We're trying to change that.
Our presentation demonstrates the effectiveness benefits and effectiveness of bringing Open Source software into K-12 education through school based Linux clubs. The award-winning Aspen Academy Penguin Corps uses Linux and Open Source software to rejuvenate old computers, which are then used by students who need them. This closed our school's Digital Divide.
We'll explain how our school solved its COVID-19 induced digital equity problems through the use of Open Source software and recycled computers, ultimately providing over 300 computers for students for less than $7,000. From there, we'll talk about how we've used open source to provide computers for our classrooms, for a pilot 1:1 program, and how we'll use Open Source to create exciting new learning opportunities in the next school year. We will also teach about how YOU can get involved in bringing today's students into the Open Source community.
Come hear from Stu Keroff and a team of Penguin Corps students. Bring your questions and be ready to be inspired!
11:40 to 1:00 - Lunch / Visit Sponsors
1:00 to 1:40
Anderson Student Center (ASC) A
Best Buy's amazing fulfillment capabilities are now being brought to other retailers, such as Amazon, Samsung, Instacart and others. It is being powered by APIs available for others to use. This presentation is sharing what we do, how we do it, and how it might inspire you to think about what's possible.
Anderson Student Center (ASC) B
Vela is a fast, lightweight and scalable CI/CD platform built on Linux container technology written in Golang.
Learn about the journey Vela underwent from an internal project at Target to an open source offering ran by multiple companies!
Some topics covered include why we built Vela, challenges with open source and the future outlook of the project.
A small demo will be showcased with some of the most loved features Vela has to offer.
Anderson Student Center (ASC) C
One of the most effective ways to promote any Open-Source project is to build a tightly-knit community of developers that know and trust each other. We have found that using a combination of microsites, blogging, and analytics are great ways to build trusting communities. This talk will describe our experiences building a community around Open-Source MicroPython development. We’ll explain the various process we have built around Medium.com, LinkedIn, GitHub, and GitHub Pages and show some of the ways you can create and build communities using these tools. We will also show how these tools provide statistics and metrics that give you feedback on how your community is growing and how to encourage and promote leaders in your community.
Anderson Student Center (ASC) Scooters
Let's do something just for the fun of it!
Sonic Pi is a code-based music creation and performance tool - let's dig into this together! No Sonic Pi or musical experience needed, but it might be helpful to have some coding experience (or knowledge) and a passion for music!
We'll learn how to spin up the program, what options are available, how to use them, and then jam out for a bit :)
Download Sonic Pi here if you'd like to code along: https://sonic-pi.net/
Iverson Center for Faith (ICF) A
C.H. Robinson's role as one of the world's largest logistics companies has been disrupted by companies with strong digital platforms. However, this competitive pressure has set off a digital transformation in how decisions are made in pricing, freight matching, and overall supply chain execution throughout the business, with a renewed focus on bolstering digital connectivity with our customers and carriers. In this talk, we’ll walk through a few ways data science has been empowering people to make data-driven decisions and how this is evolving the legacy business processes at C.H. Robinson, which, in turn, is pushing our underlying technology platform and how our customers interact with us.
Iverson Center for Faith (ICF) B
As data applications move from file and database solutions to streaming, the need for strong schema authoring and management becomes critical for rapid development and providing resiliency/availability in operations.
We'll discuss the why, what and how in regard to best practices as well as learnings over the authors past 10 years.
Iverson Center for Faith (ICF) C
In this session, we will share our tried-and-true playbook for hosting an internal day of learning. This approach offers an opportunity to spread the wealth after attending a conference and can generate increased pride across your teams. Imagine taking all those professional development ideas and being able to share, influence, and grow back at your organization!
We will walk you through our 10-year journey in which we honed a playbook for hosting our internal learning day, and how we’ve been able to leverage the platform created to drive engagement in our learning culture. You will hear the end-to-end decisions you need to make to create your own learning day. You will get the planning, speaker development, logistics, and technology implementation tips you need to host a tailor-made learning event for your team. We will share our full-on marketing approach too- stickers, logos, the whole package to create that buzz of excitement! We will also highlight our internal speaker development program, so you can begin to grow your own external speakers who can share and represent your company.
2:00 to 2:40
Anderson Student Center (ASC) A
In this session, we will see how Technology is changing the medical diagnostic industry especially after the pandemic. Few telemedicine platforms are using a virtual triaging engine for checking symptoms, then using AI to diagnose and create treatment options for providers. This session will explore how virtuwell, a leading telemedicine platform from St. Paul, is deploying predictive analytics to reduce bottlenecks and improve patient flow and patient-specific needs. We will share our journey of how we handled the patient needs during the initial stages of pandemic when most regular clinics were not available. We will cover how we Infused our platform with machine learning algorithms to be better at triaging on not only acute conditions but also on chronic conditions by integrating at home medical kit results.
Anderson Student Center (ASC) C
Commerce "platforms" have been on the market since around 1994. Over the decades, eCommerce has grown from a channel off to the side to being the primary system of generating revenue, both in-store and through digital channels. The market has dramatically changed over the decades and in this talk we'll cover those changes, what the market looks like today, and what the "end state" of the market is shaping up to look like.
Anderson Student Center (ASC) C
GraphQL exposes application data as a graph which can introduce challenges if your backend isn’t graph-ready (think slow JOINs as a result of nested GraphQL queries and the dreaded n+1 query problem). The Neo4j GraphQL library enables developers to build GraphQL APIs backed by a native graph database using only GraphQL type definitions.
Anderson Student Center (ASC) Scooters
We all know that data intensive applications have had explosive growth in the past decade. Data now drives significant portions of our lives, from making sense of IoT swarm data to detecting fraudulent transactions at your bank. As software developers, we all have unprecedented opportunities to build data applications that generate value from these massive datasets, but where do you even start?vJoin me for this talk as we:
* introduce data intensive applications. What are they? What do they look like? Why are they important?
* explore application architectures of some popular data-intensive applications (Twitter, financial transactions, etc.) build a data-intensive application from scratch using only SQL.
* discuss the future of data in software development.
This talk is for application developers, data scientists, and of all skill levels and backgrounds and will serve as an introduction to building scalable data intensive applications.
Iverson Center for Faith (ICF) A
As an incubator for innovation in air travel, Aruba has chosen to use verifiable digital credentials to manage entry requirements and health testing for travel to the island. This decentralized, open-source technology, which provides secure authentication while preserving traveler privacy, was developed by SITA and Indicio.tech and donated to Linux Foundation Public Health as Cardea. In this session, we will discuss why they chose a decentralized approach, how they created a trusted data ecosystem, and why the ability to verify personal data without having to check in with the source of that data will transform air travel, healthcare, and tourism.
Iverson Center for Faith (ICF) B
Though the security industry has historically leveraged fewer open source SIEMs, there are several proponents to using open source tools: lower license costs, greater extensibility, greater transparency into the product, etc. In this talk, we will present how Cargill was able to implement a Security Incident and Event Management (SIEM) using open source tools like Logstash and OpenSearch.
Cargill also contributes to the open source SIEM community through the OpenSIEM-Logstash Parsing project. This project aims to ease the burden among SIEM administrators and security professionals to standardize and enrich the wide variety of logs common for security and operations. We will cover the approach to the OpenSIEM project, the tools and their uses, as well as the on-going effort to share and establish common schemas and log enrichments.
Iverson Center for Faith (ICF) C
While everyone likes to share successes, let’s discuss the reality of software development. Projects are messy with lots of competing interests and challenges. One of these challenges that comes up often is scope creep. As software developers, we can be pulled in many different directions to not only help make the best product that we can but stay focused on the scope of what’s expected. Sometimes your job feels like: “Damned If I Do, Damned If I Don’t”. Let’s discuss the reality of the situation and some techniques and tools to help.
Session Outline:
1. Introduction: Some projects & experiences with scope creep I’ve had as a developer
2. Scope Creep: who are the guilty parties, what are the signs, why it happens, and when it's most likely
3. Solutions: Tips/tricks to help if you are in this situation -- Ideas on how to help avoid scope creep in the future -- Reach out and let me know if they work!
4. Q&A
3:00 to 3:40
Anderson Student Center (ASC) A
Over the last 3 years, Target has embarked on a journey to completely modernize our footprint of over 60,000 guest facing devices using a flexible open-source framework. Come hear Rick Walstrom and Principal Engineer Adam Nawrocki talk through Target's in-store open source journey that has allowed for increased speed of deployment, reduced configuration drift, and drastically decreased operational cost.
Topics to include:
- How Target threw down the open-source / commodity hardware gauntlet in front of some of the world's largest technology providers
- Design principles for our environment
- How we've applied open-source solutions at every stage of deployment
- The challenge of embracing large scale change in the face of decades of technical debt
- Immutability on bare metal hardware
- OS choice, Image management, and Hardware abstraction at massive scale and in a highly distributed environment
- Architecting for security
- The huge benefits we've seen in our shift from Windows to an open source OS
Anderson Student Center (ASC) B
The role of APIs in the enterprise continues to grow. We see rapid API adoption across many new use cases, causing engineers to think about APIs in new ways. In the enterprise, our engineering demands are complex. We have high standards for security, discoverability, and governance. There’s a high demand for creating more microservices, requiring us to have a strategy to address issues related to API consistency and composition. Modern software development methodologies like continuous development and agile help shorten the lead times to develop and release software. But that can result in more fragmentation and overall complexity. Too many microservices, not well organized.
This talk will introduce a Decentralized Emerging Architecture Approach (or a cell-based architecture) that can help improve your design patterns for building microservices in an organized manner. The cell-based architecture is based on our experience across hundreds of internal API projects. We propose this architecture to help address the challenges microservice API developers will face at scale. This forward-looking approach also helps enhance engineering agility.
Anderson Student Center (ASC) C
Open source software continues to grow and expand, we see more open source and more contributions to open source projects every day. 76% of organizations increased the use of open source in the last 12 months, 37% increased the use of open source significantly. This is one of many research findings revealed in the latest OpenLogic by Perforce and the Open Source Initiative (OSI) collaboration, where over 2,600 industry professionals responded to the 2022 State of Open Source Software survey.
What open source technologies are the most used today? What are industry professionals looking for to select open source software? What are the technical challenges for organizations using open source technologies? Join us to cover the full survey report results, where you are going to learn about the latest trends in today’s popular open source software as well as the challenges and realities with the most popular open source in the world.
Today, the top reason to select open source software in organizations is to gain access to innovation and the latest technologies. The global survey results provide an instant snapshot of what is happening in every open source category, from infrastructure and programming languages to data technologies and DevOps tooling, all bringing major benefits to organizations in every industry.
And finally, get a glance at where organizations are in terms of the level of maturity using open source, and their technology strategy today and in the upcoming years.
Anderson Student Center (ASC) Scooters
Beer brewing can be fun, but combining brewing with IoT device hacking is even funner. It is possible to connect and collect data about almost anything, including the fermentation process inside a closed fermenter using open source technologies. In this presentation, the speaker will introduce basic concepts of IoT devices, how to collect the data efficiently and how to use JavaScript to extract and manipulate that same data into a React front-end. And if you’re new to beer brewing, don’t worry; you will also learn a thing or two about that as well!
Iverson Center for Faith (ICF) A
Let's face it: most people talking about observability all end up talking about distributed tracing somehow. It is a technology that radically changes how we identify and solve technical problems. In a world where virtually all applications are born distributed — it seems to be something that you ought to know in more detail.
This talk will provide a pragmatic overview of distributed tracing by clearly articulating its motivation, problems it solves, the challenges, and what technologies you should use to ensure a vendor-agnostic implementation.
It will discuss things like white-box and black-box instrumentation, the pros and cons of each approach, and why most developers prefer one versus the other.
Iverson Center for Faith (ICF) B
The minimum viable security (MVS) approach, enables us to easily bake security into our config files, apps, and CI/CD processes with a few simple controls built - and the great part? It’s easily achievable through open source tooling.
In this talk we will focus on five critical security controls that will be integrated as part of the CI/CD pipeline by leveraging some excellent open source tools, including: Bandit or SEMGrep for static application security (SAST), Gitleaks to detect hard-coded or insufficiently secured secrets & dependency checks (SCA), KICS for infrastructure as code (IaC) and OWASP’s ZAP for API and dynamic application security (DAST), in addition to custom controls to ensure proper enforcement of MFA via Github Security. These controls will provide a foundational framework for securing your applications from the first line of code, that will make it possible to continuously iterate and evolve your security maturity all the way through advanced layers of security that comes with time, as well as increased experience with your deployments, stacks, and security posture.
Code examples & demos will be showcased as part of this session.
Iverson Center for Faith (ICF) C
This session will be a moderated panel discussion around the experience of people who have traditionally not been represented in tech, particularly within the Open Source Software community. We will discuss the overall idea that OSS increases accessibility for people of all backgrounds to engage with tech, as well as the idea that Women, BIPOC, and people living with disabilities have felt excluded from the OSS community. Valerie will be joined by panelists Casie Siekman, Jenn Bonine, and Destiny Babjack. We will invite a variety of people to engage in the discussion and also leave time for Q+A and attendee input.